As technology evolves and more and more things take place online, cyberattacks become more frequent. Moreover, no company is immune to attack, as evidenced by Entrust’s breach earlier in the year. One of the latest victims is LastPass, which stands as one of the largest password managers in the world with 25 million users.
LastPass CEO Karim Toubba announced the breach of security on August 25th, saying that the company detected unusual activity two weeks prior. The activity took place in the LastPass development environment, where the intruder gained access through a single compromised developer account.
When it comes to cybersecurity, humans are often the greatest risk. The risk is significant enough that companies are dedicated to limiting it through training and raising security awareness.
But what did the unauthorized party steal? According to Toubba, the intruder stole “portions of source code and some proprietary LastPass technical information.” The immediate investigation did not reveal any evidence that customer data or encrypted password vaults were accessed.
LastPass also emphasized that the “zero knowledge” architecture employed prevents anyone from accessing a customer’s master password. Master passwords are so secure because they are never stored, meaning even LastPass doesn’t have access to them. Not only does that ensure the passwords are secure, but users do not have to take action because of the breach.
Of course, that has not always been the case. LastPass has encountered a breach before. Back in 2015, hackers accessed the company’s network. After the attack, users were asked to change their master passwords when they logged in, hinting at a potential leak.
Therefore, while the company’s transparency is welcomed, it does not entirely eliminate worry. That is especially so since what exactly was stolen remains unclear and could potentially be cause for concern in the near future.
The good news is that the stolen source code mentioned by the company is unlikely to give the hackers access to customer passwords, according to Allan Liska, an analyst at cybersecurity company Recorded Future.
In the meantime, LastPass has declared that its products and services are operating normally.
However, things are not completely back to normal, at least not at LastPass. In response to the breach, the company has deployed containment and mitigation measures. It has also brought in a cybersecurity and forensics firm to ensure everything is properly handled.
The company continued by saying that while the investigation is ongoing, it would keep various measures in place. That includes a state of containment and additional enhanced security measures.
Fortunately, there is no further evidence of unauthorized access, but that has not stopped the company from strengthening the environment based on what happened.
It is unlikely to be the end of attempts against LastPass, though. Like any company holding sensitive data, it receives continuous attention from criminals on the web. That is further proven by the increased unauthorized login attempts for LastPass users in December of last year. But hopefully, it will end there, and breaches in security will remain few and far between.